HOMEVULNERABILITIESCVE-2026-45963
NONE

CVE-2026-45963

Published: May 27, 2026· Updated: May 27, 2026

Official Description

In the Linux kernel, the following vulnerability has been resolved:

ASoC: nau8821: Cancel delayed work on component remove

Attempting to unload the driver while a jack detection work is pending

would likely crash the kernel when it is eventually scheduled for

execution:

[ 1984.896308] BUG: unable to handle page fault for address: ffffffffc10c2a20

[...]

[ 1984.896388] Hardware name: Valve Jupiter/Jupiter, BIOS F7A0131 01/30/2024

[ 1984.896396] Workqueue: events nau8821_jdet_work [snd_soc_nau8821]

[ 1984.896414] RIP: 0010:__mutex_lock+0x9f/0x11d0

[...]

[ 1984.896504] Call Trace:

[ 1984.896511] <TASK>

[ 1984.896524] ? snd_soc_dapm_disable_pin+0x26/0x60 [snd_soc_core]

[ 1984.896572] ? snd_soc_dapm_disable_pin+0x26/0x60 [snd_soc_core]

[ 1984.896596] snd_soc_dapm_disable_pin+0x26/0x60 [snd_soc_core]

[ 1984.896622] nau8821_jdet_work+0xeb/0x1e0 [snd_soc_nau8821]

[ 1984.896636] process_one_work+0x211/0x590

[ 1984.896649] ? srso_return_thunk+0x5/0x5f

[ 1984.896670] worker_thread+0x1cd/0x3a0

Cancel unscheduled jdet_work or wait for its execution to finish before

the component driver gets removed.

NVD Source

Technical Analysis

CVE-2026-45963 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description):
Linux
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

All References (2)

Quick Facts

CVE IDCVE-2026-45963
SeverityNONE
CISA KEVNo
PublishedMay 27, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-45963 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.